Input passed to "$_SERVER['REQUEST_URI']" in various scripts and includes is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which is executed in a user's browser session in the context of an affected site when the malicious data is viewed.

Status:
1. Contacted the author on June 29, 2007 via the SourceForge tracker (https://sourceforge.net/tracker/?func=detail&atid=725721&aid=1745220&group_id=132967).
2. The author concluded "I am not happy that this is a real bug, and therefore will be closed until further notice."

Solution:
- Edit the source code to ensure the input is properly sanitized.
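
One way to apply the fix wherever the request URI is written back into a page, shown as an added example that is not code from the affected project. The helper names and the sample request are hypothetical, and PHP 7 or later is assumed.

```php
<?php
// Added example: helper names are hypothetical, not from the affected project.

/**
 * Return REQUEST_URI encoded for HTML text or a quoted HTML attribute.
 */
function html_request_uri(array $server): string
{
    $uri = isset($server['REQUEST_URI']) ? (string) $server['REQUEST_URI'] : '/';
    // ENT_QUOTES encodes both ' and ", so the value cannot close an attribute.
    // ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning an empty string.
    return htmlspecialchars($uri, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/**
 * Stricter variant: keep only the path component and drop the query string,
 * for pages that only need to post back to themselves.
 */
function html_request_path(array $server): string
{
    $uri  = isset($server['REQUEST_URI']) ? (string) $server['REQUEST_URI'] : '/';
    $path = parse_url($uri, PHP_URL_PATH);
    if (!is_string($path) || $path === '') {
        $path = '/'; // parse_url() returns false or null for unusable input
    }
    return htmlspecialchars($path, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample request: markup characters arrive in the query string.
$server = ['REQUEST_URI' => '/index.php?q="><b>test</b>'];

// Unsanitised pattern described in the advisory (left commented out):
// echo '<form action="' . $server['REQUEST_URI'] . '" method="post">';

// Hardened: the quotes and angle brackets are emitted as entities.
echo '<form action="' . html_request_uri($server) . '" method="post">', "\n";

// Hardened and reduced to the path only.
echo '<form action="' . html_request_path($server) . '" method="post">', "\n";
```

The encoding above is correct for HTML text and quoted attributes only; a value written into a script block or an unquoted attribute needs encoding for that context instead.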